package io.hepu.robotize.security;

import io.hepu.robotize.enums.IStatus;
import io.hepu.robotize.enums.UserState;
import io.hepu.robotize.exception.AuthGrantException;
import io.hepu.robotize.model.User;
import org.apache.shiro.authc.AuthenticationException;
import org.springframework.lang.NonNull;
import org.springframework.lang.Nullable;

public class AuthGrantGuard {

    /**
     * USER STATUS CHECKING
     *
     * @param user user which verified
     * @return whether user is valid
     * @throws AuthenticationException verify is failed
     */
    public static boolean verify(@Nullable User user) throws AuthenticationException {
        if (user == null) {
            throw AuthGrantException.of(IStatus.ACCOUNT_INVALID);
        }

        if (user.getStatus() == UserState.DISABLED) {
            throw AuthGrantException.of(IStatus.ACCOUNT_DISABLED);
        }

        if (user.getStatus() == UserState.LOCKED) {
            throw AuthGrantException.of(IStatus.ACCOUNT_LOCKED);
        }

        if (user.getStatus() == UserState.EXPIRED) {
            throw AuthGrantException.of(IStatus.ACCOUNT_EXPIRED);
        }

        return true;
    }
}
